Win32/Lukicsel [Threat Name]

Win32/Lukicsel.T [Threat Variant Name]

Category: trojan
Size: 50688 B
Aliases: Trojan:Win32/Lukicsel.I (Microsoft)
  Variant.Zusy.14 (BitDefender)
Short description

Win32/Lukicsel.T is a trojan that installs Win32/Lukicsel.X malware.

Installation

The trojan is usually a part of other malware.


The trojan does not create any copies of itself.


The following Registry entries are created:

  • [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32]
    • "DllName" = "mdhcp32.dll"
    • "Startup" = "WinStart2EX"
    • "Logoff" = "WinOff2EX"
    • "Shutdown" = "WinOff2EX"
    • "Asynchronous" = 1
    • "Impersonate" = 1

In this way, the trojan injects its code into specific processes.
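
The entries above register a package under the Winlogon\Notify key. The following is an added example, not ESET's code: it parses the text of a registry export, lists every package under that key, and flags those that match the values on this page or whose DLL is missing from an analyst-supplied allowlist. The function names, SAMPLE, "examplepkg" and "example.dll" are constructed for illustration.

```python
import re

NOTIFY = "\\microsoft\\windows nt\\currentversion\\winlogon\\notify\\"
PAGE_DLLS = {"mdhcp32.dll"}                   # DllName listed in the write-up
PAGE_HANDLERS = {"winstart2ex", "winoff2ex"}  # handler names listed in the write-up

def decode(raw):
    """Decode one .reg value: "string", hex(2): (REG_EXPAND_SZ) or dword:."""
    if raw.startswith('"'):
        return raw[1:-1].replace("\\\\", "\\")
    if raw.startswith("hex(2):"):
        data = bytes(int(b, 16) for b in raw[7:].split(",") if b)
        return data.decode("utf-16-le").rstrip("\x00")
    return int(raw[6:], 16) if raw.startswith("dword:") else raw

def notify_packages(reg_text):
    """Return {package: {value_name: value}} for each Winlogon\\Notify subkey."""
    text = re.sub(r"\\\r?\n\s*", "", reg_text)  # join hex continuation lines
    packages, current = {}, None
    for line in map(str.strip, text.splitlines()):
        key = re.fullmatch(r"\[(.+)\]", line)
        val = re.fullmatch(r'"([^"]+)"=(.+)', line)
        if key:
            at = key.group(1).lower().find(NOTIFY)
            current = packages.setdefault(key.group(1)[at + len(NOTIFY):], {}) if at >= 0 else None
        elif val and current is not None:
            current[val.group(1).lower()] = decode(val.group(2))
    return packages

def triage(reg_text, allowlist=()):
    """Flag packages matching the write-up, then any DLL outside the allowlist."""
    allowed, findings = {d.lower() for d in allowlist}, []
    for name, vals in notify_packages(reg_text).items():
        dll = str(vals.get("dllname", "")).lower().rsplit("\\", 1)[-1]
        handlers = {str(vals.get(k, "")).lower() for k in ("startup", "logoff", "shutdown")}
        hit = dll in PAGE_DLLS or bool(handlers & PAGE_HANDLERS)
        if hit or dll not in allowed:
            findings.append((name, dll, "matches write-up" if hit else "not in allowlist"))
    return findings

# Constructed sample export; "examplepkg" and "example.dll" are placeholders.
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\examplepkg]
"DllName"=hex(2):65,00,78,00,61,00,6d,00,70,00,6c,00,65,00,2e,00,\
  64,00,6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mdhcp32]
"DllName"="mdhcp32.dll"
"Startup"="WinStart2EX"
"Asynchronous"=dword:00000001
'''
```

Exports written by regedit in the "Version 5.00" format are UTF-16 encoded, so read the file with encoding="utf-16" before passing its text to triage().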

Other information

The trojan creates the following files:

  • %system%\dll.dll (28160 B, Win32/Lukicsel.X)

The trojan loads and injects the dll.dll library into the following processes:

  • svchost.exe
